NIS Directive/Regulations

Protecting network and information systems in our critical infrastructure.

What is NIS Directive and NIS Regulations (2018)?

The EU NIS Directive became UK law as the Network and Information Systems Regulations (2018). It is a security regulation designed to protect network and information systems in our critical infrastructure. In the UK, non compliant organisations can be fined up to £17m.

Who does NIS Directive apply to?

Operators of Essential Services (OES) and Digital Service Providers (DSPs) operating and offering service to EU persons need to be aware of the Directive on Information and information systems. This includes, water, energy health, transport, digital infrastructure.

Security Duties of OES and DSPs

  • Take appropriate and proportionate technical and organisational measures to manage risks posed to the security of the network and information systems on which their essential service relies.
  • Take appropriate and proportionate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of an essential service, with a view to ensuring the continuity of those services.
  • Measure taken must take into account the latest state of the art, ensure a level of security of network and information systems appropriate to the risk posed.
  • Must use guidance issued by the competent authorities when carrying these measures out
  • An OES must also notify the competent authority in the event of any security incident that has a significant impact on the continuity of their service without undue delay (no later than 72 hours)

Advent IM and NIS Directive and Regulations

We offer scalable guidance and consultancy for OEMs and DSPs. With many years’ experience working across critical infrastructure and government, we can offer assurance and support for those organisations impacted.

We also offer training for staff tasked with implementation and ongoing compliance to NIS regulations.

For a confidential conversation on how it could work for your organisation – call us on 0121 559 6699 or email bestpractice@advent-im.co.uk

NIS Regulation Training

If you are interested in our NIS Regulation Training, you can download the leaflet here.

Find out how we can help your organisation.